The UK’s small businesses are being urged to take “urgent steps” in order to protect themselves from ransomware following the global cyber attack that significantly affected organisations around the world.
The Federation of Small Businesses (FSB), which represents the UK’s 5.5 million smaller companies, said it had received “specific concerns” from the National Cyber Security Centre, the new government department set up to tackle the growing cyber crime threat.
The FSB is recommending that firms take a number of steps to protect themselves, including checking for updates, installing anti-virus protection and backing up data.
Research from the body shows that a cyber attack costs a small business nearly £3,000 on average and it takes them more than two days to recover from it.
Smaller firms are particular targets for cyber criminals, with seven million attacks executed against small UK firms every year – that is 19,000 every day.
What is more, they tend to have fewer resources than their larger counterparts and can struggle to find time and resources to focus on developing robust cyber crime strategies.
The FSB said companies can protect against the “rising” cyber risk, perpetrated by ever-more sophisticated online criminals, by:
- Taking out specific cyber security protection insurance
- Checking for updates to their operating systems and anti-malware software
- Making sure their data is backed up
- Keeping up to date with cyber security news and reading up on the latest advice
Mike Cherry, FSB national chairman, said: “We are urging all small businesses to take steps to reduce the risk of an attack.”
The recent worldwide cyber attack, thought to have been executed from a cyber gang based in North Korea, effected thousands of computers across the globe.
One of the most high-profile victims was the UK’s NHS, which resulted in operations being cancelled, ambulances being diverted and patient records being made unavailable.
Cyber security researchers think the ransomware attack was perpetrated by the Lazarus Group, also thought to have been responsible for the Sony Pictures Entertainment hack in 2014, which saw the release of hundreds of emails that caused major embarrassment for the high-profile entertainment firm.
It is almost beyond belief to think that one contractor pulling out the wrong plug could bring down the IT systems of a multinational giant, and strand thousands of passengers in the process. Not only did this person single-handedly bring down a British Airways data centre, but by “plugging it back in” again, he created an ad-hoc data system inconsistency failure that cascaded across the company’s computers. This meant that it took days, and much embarrassing press coverage, to resolve the problem rather than an hour or two, as the company’s carefully constructed backup systems would have done if left alone.
The lesson for any business is that the best-laid IT plans mean nothing when the unexpected happens. Clearly, if your IT systems, servers and so on have UPS backup or run from the mains, then marking the vital plugs or leaving clear instructions on what to do, or not to do, in the event of a power failure will prevent any such drama.
But many companies are not that far up the IT evolutionary scale, they rely on a few computers with all their data, and often lack sufficient backups, remote access or other essentials that could see them survive an unexpected visit from a clumsy worker or even a regular IT failure. Take British Airways’ failure as a warning sign that something just as terrible could happen to any business and get professional advice to prepare your company.
Seeking help and support from experts is one of the fastest ways to protect and secure your company data and IT systems. We can help provide managed services, put in place appropriate security and backup systems, ensuring your vital data and information is always available, whatever goes wrong, allowing the business to continue.
A blended approach of on-site and cloud backups, hosted email Exchange and services means your workers can access your data from any device, rather than being tied to a single desktop or notebook PC. This can increase business flexibility and mobility, helping your workers be more efficient. Whatever your IT situation, get in touch and get advice to avoid an embarrassing BA-style £50 million disaster that could cripple your company.
British Airways A321 by Transport Pixels licensed under Creative commons 5
It is estimated that downtime costs businesses in the UK around £2 billion each year, and with more and more business expanding online, that figure looks set to rise. So when it comes to your business, do your really know how much downtime is not only costing you, but also the extent to which it’s negatively impacting your growth?
After surveying over 1,800 companies throughout Europe, CA Technologies found that the average amount of downtime per year stands at fourteen hours, although in the UK it’s much worse at around the twenty-seven-hour mark. Unsurprisingly, the same survey found that the downtime meant the companies were less able to generate revenue.
With the amount that downtime costs per hour rising year on year, it means that computer support is more valuable than ever. Despite the fact that technology companies are working hard to reduce the amount of downtime that we experience, at the same time the amount that businesses rely on their internet connection is also rising. So even if the downtime comes down, every second of downtime is costing more, particularly when you consider the service expectations that today’s consumers have.
A report from the Aberdeen Group found that the average hourly cost of downtime per hour was almost £140,000 for UK SMEs, so it goes to show just how vital every single minute is. It’s worth bearing in mind however that the report found huge variations depending on what industry it surveyed. The cost to a media company was relatively low at £55,000 when compared to online brokerages which reported staggering losses of almost £4 million per hour of downtime. Ultimately, it doesn’t matter what industry you’re in, the last thing you’re going to want to do is lose money through connectivity issues that are out of your control, especially if the downtime means you lose important information that could end up being unrecoverable.
As a smaller business, it’s vital that you’re in a position to deliver excellent customer service to help you stand out from your competitors. That’s why downtime can prove so costly to an SME – there’s nothing worse than failing to follow up with a customer or missing out on an order because of downtime. It can also negatively affect the quality that your staff are able to deliver.
With that in mind, if you’re a small or mid-sized business that has been affected by downtime in the past, you may want to give serious consideration to how hosted servers can reduce your exposure to downtime and how offsite backup can protect you against any potential losses of data. Contact us today to find out more.
No Internet by Graciolli Dotcom licensed under Creative commons 4
It makes sense for small companies to outsource IT. Few small firms are able to afford to employ specialist IT staff full time, and their hardware and software needs are usually minimal enough that the CEO or office manager can take care of it.
But things get more complicated once a business starts to grow and finds itself working across multiple sites, with different computer networks, servers and even a requirement for remote access so employees can work at home. It isn’t unusual for a family run business to have more than twenty desktops in operation.
IT support then becomes a crucial function to enable the business to reach its full capability. But because it isn’t core to the organisation’s actual operation, the cost involved in developing and maintaining IT staff or an IT department feels like a distraction.
By outsourcing your IT infrastructure, your business can make considerable cost efficiencies, with savings on both capital costs as well as operating costs. For small and medium-sized enterprises, it reduces overheads, removing HR, training and payroll expenses. It also makes IT a fixed and predictable monthly charge.
As IT is their core competency, they can provide trained and certified staff at a level beyond the financial reach of most SMEs. With experience across multiple platforms, an outsourcing firm can become a partner, providing advice and expertise to make the right technology decisions for your business.
One key advantage of outsourcing your IT support as well as hardware and software equipment is that professionals can be available on tap, 24/7. This isn’t always possible with regular employees, who might keep normal office hours. And it can be critical in a business where operations run outside of usual hours, such as manufacturing, commercial printing, and hospitality.
Nimbus CS can provide a menu of networking and business IT support services from which you can put together a bespoke solution that is just right for your business needs. There are also pay as you go options, ideal for small companies with minimal needs, and a fixed fee managed IT support solution that can match the variety, complexity and size of your organisation. Contact us to find out more.
Following all the recent cyber attacks of late we have been inundated with requests from concerned clients around system security and best practice policies to protect your critical IT systems. At Nimbus have been working extremely hard over the past 18 months to understand how these criminals work, how they target their victims and what steps should be taken to help protect your business against such attacks. We are in the process of working towards an accreditation on the cyber essentials framework set out by the UK government on best practices to support and protect businesses of all sizes against cyber crime and this email is to provide you and your company with some basic awareness of how these attacks occur but also what steps should be taken to help protect your business against cyber criminals.
What is Cyber crime?
An estimated two thirds of UK businesses have fallen victim to cyber criminals in the past two years with the majority of attacks similar to the recent Ransomware attack on the NHS still coming from malicious software delivered to your machines through malware which can arrive in the form of unsecure websites, ZIP files, PDF or web links on emails an when opened this may download a virus to your computer.
However as cybersecurity software such as Antivirus, Anti-malware and others have become more sophisticated, employees have become easier targets. A common method among hackers, for example, is to pose as a company boss or another employee within the organisation in an email and persuade an employee to urgently wire company money to an account. These type of emails are known as phishing emails, where cybercriminals target individuals , rather than computer systems in the hope they will get a reply and in the example above, money transferred to designated account.
Ways to help prevent?
Such attacks are destructive to your company finances and reputation. So below are some point on how business owners / managers and staff can help protect, learn to spot – and stop – them.
- Implement and enforce strong password policies for your computer systems
- Keep your operating systems up to date and fully patched. Microsoft has withdrawn support from Windows XP & Vista which means these operating systems no longer receive important updates and therefore is extremely vulnerable to attack.
- Make sure all Wireless Networks are encrypted and protected with secure passwords
- Keep all third party software fully up to date and renewed
- Have a firewall plus software that opposes virus, malware etc
- Disable administrator access to local computers, restrict USB access so malicious software cannot be easily downloaded
- Educate employees on what to look out for on emails, software alerts, keep antivirus software up to date, not to bring personal computers / laptops into your business
While the above points are important there is only ONE sure way that your company can survive a ransomware attack and that is with a good backup strategy with should include both onsite and offsite and with GDPR just around the corner in May 2018 the focus will be on you to implement measures to ensure your company data and that of your clients is backed up and secure or you could be looking at hefty fines.
As the threat of cyber crime is rising at an alarming rate we are planning on providing as much education and assistance as possible through email communications, health-checks on your systems and policies, social media and events . Please contact our team if you have any questions or require assistance on 028 900 800 30 or firstname.lastname@example.org and we will be very happy to assist or answer any concerns.